The issue with wildcard SSL certs has always been one of browser support. And, it turns out, I was somewhat misinformed. It appears that all the latest versions of all the major browsers support wilcard certs, with one caveat.

Internet Explorer 6 only recognized one level of naming for the wildcard. That is, *.example.com will match www.example.com, but will not match www.monkeys.example.com

And, of course, if you're not making the certs yourself, wildcard certs are considerably more expensive than regular ones.